Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3231322e3130332e34372e302f32342d3234203d3e203231383539.roa
File: 3231322e3130332e34372e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: Rj4/oBS0DP1E+FMfqikPGam+MlgwzJFLHgcXPhIwWoo=
Subject key identifier: 18:91:04:5E:87:7C:5F:AA:56:DD:5B:A8:96:A6:18:E5:5B:21:9E:44
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 656FE3FCD54151B58D8C4EE55187256889025F2D
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3231322e3130332e34372e302f32342d3234203d3e203231383539.roa
Signing time: Tue 26 Aug 2025 03:21:54 +0000
ROA not before: Tue 26 Aug 2025 03:16:54 +0000
ROA not after: Tue 25 Aug 2026 03:21:54 +0000
asID: 21859
IP address blocks: 212.103.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:6f:e3:fc:d5:41:51:b5:8d:8c:4e:e5:51:87:25:68:89:02:5f:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: Aug 26 03:16:54 2025 GMT
Not After : Aug 25 03:21:54 2026 GMT
Subject: CN=1891045E877C5FAA56DD5BA896A618E55B219E44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:de:3a:38:13:f6:39:69:c4:92:8a:8b:99:5f:
11:20:11:3f:9a:6e:7d:51:ff:f0:2c:3e:65:aa:8a:
fb:ee:d4:5e:6c:45:93:48:13:c2:f5:1f:6b:67:29:
e5:82:33:d7:ed:cb:7d:46:31:c7:3b:3d:d3:ba:f9:
a3:cf:15:00:18:af:6a:0d:84:f9:eb:04:25:f6:c6:
3c:bf:d2:56:ca:c9:f4:ee:6a:23:fc:1f:16:62:e2:
85:90:8a:98:69:92:1f:16:fe:8d:30:39:2c:39:22:
ae:a3:04:98:db:b8:38:0d:e2:7d:a0:6e:89:5a:bd:
e2:fa:1e:d6:12:d5:b9:b5:70:2b:d8:18:03:88:4f:
5e:44:ea:be:44:a7:c7:f9:75:87:e9:29:17:4c:f5:
c8:6d:9a:7f:b3:3b:9e:38:16:0b:d3:93:df:d1:e3:
04:da:4b:59:2b:c0:91:90:c8:2b:15:b3:05:7a:e9:
e9:64:13:d6:2d:c0:00:c2:9f:8c:f0:ee:99:13:c4:
93:55:ea:69:52:70:bd:55:cd:07:d8:41:a4:17:53:
89:98:04:91:d0:36:e5:2f:00:1b:7b:c8:7d:70:ea:
6a:d3:e3:c7:0e:9f:e2:f3:0e:1c:0a:6a:a9:a6:5d:
44:82:7d:a2:d8:ab:0b:9e:2c:b2:3c:3a:1f:4d:72:
e9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:91:04:5E:87:7C:5F:AA:56:DD:5B:A8:96:A6:18:E5:5B:21:9E:44
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3231322e3130332e34372e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.103.47.0/24
Signature Algorithm: sha256WithRSAEncryption
09:0f:5e:c6:15:08:ad:6d:5a:ec:42:32:a3:c5:ec:dd:ee:8c:
56:d7:5c:2c:34:60:84:17:70:85:b7:c7:31:45:f5:df:0d:ca:
86:81:1e:1e:4e:81:8a:a3:23:35:30:eb:f9:94:6f:4c:3e:82:
e8:40:47:f6:a0:df:31:8e:31:fd:dd:e0:a0:8f:43:27:83:90:
54:a8:c8:55:bb:1b:c8:67:fa:8b:34:86:12:fb:77:90:8e:94:
dd:ce:6b:bd:b2:f2:7b:71:5b:b6:45:06:bc:47:08:24:22:2d:
fe:aa:29:46:21:96:b5:a5:53:70:e3:22:bc:f8:3e:b1:89:03:
dc:09:79:04:50:22:a6:ee:51:47:8d:1e:7a:88:23:33:ac:69:
d0:a2:43:33:dc:e5:06:20:f8:75:6d:7f:ed:b0:8e:c1:78:b6:
ac:1f:ac:1f:90:30:36:02:26:d2:42:86:18:79:9d:89:ac:7b:
45:8c:7b:0e:ab:d0:d5:89:7c:e4:53:aa:7c:d1:bc:2a:f5:a3:
02:61:9e:f6:e0:9e:0b:cb:ff:32:01:30:f6:1e:68:09:f6:39:
c1:14:2f:9d:71:23:c3:37:66:7c:64:d2:22:74:79:ce:97:e5:
c7:bf:59:91:0d:2b:df:38:f9:0a:c5:ed:87:e0:1a:16:92:23:
cf:e1:6a:f9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZW/j/NVBUbWNjE7lUYclaIkCXy0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNTA4MjYwMzE2NTRaFw0yNjA4MjUwMzIxNTRaMDMxMTAvBgNV
BAMTKDE4OTEwNDVFODc3QzVGQUE1NkRENUJBODk2QTYxOEU1NUIyMTlFNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCO3jo4E/Y5acSSiouZXxEgET+a
bn1R//AsPmWqivvu1F5sRZNIE8L1H2tnKeWCM9fty31GMcc7PdO6+aPPFQAYr2oN
hPnrBCX2xjy/0lbKyfTuaiP8HxZi4oWQiphpkh8W/o0wOSw5Iq6jBJjbuDgN4n2g
bolaveL6HtYS1bm1cCvYGAOIT15E6r5Ep8f5dYfpKRdM9chtmn+zO544FgvTk9/R
4wTaS1krwJGQyCsVswV66elkE9YtwADCn4zw7pkTxJNV6mlScL1VzQfYQaQXU4mY
BJHQNuUvABt7yH1w6mrT48cOn+LzDhwKaqmmXUSCfaLYqwueLLI8Oh9NcukFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUGJEEXod8X6pW3VuolqYY5VshnkQwHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzIzMTMyMmUzMTMwMzMyZTM0
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzgzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1GcvMA0GCSqGSIb3DQEBCwUAA4IBAQAJD17GFQitbVrsQjKjxezd7oxW11wsNGCE
F3CFt8cxRfXfDcqGgR4eToGKoyM1MOv5lG9MPoLoQEf2oN8xjjH93eCgj0Mng5BU
qMhVuxvIZ/qLNIYS+3eQjpTdzmu9svJ7cVu2RQa8RwgkIi3+qilGIZa1pVNw4yK8
+D6xiQPcCXkEUCKm7lFHjR56iCMzrGnQokMz3OUGIPh1bX/tsI7BeLasH6wfkDA2
AibSQoYYeZ2JrHtFjHsOq9DViXzkU6p80bwq9aMCYZ724J4Ly/8yATD2HmgJ9jnB
FC+dcSPDN2Z8ZNIidHnOl+XHv1mRDSvfOPkKxe2H4BoWkiPP4Wr5
-----END CERTIFICATE-----
Generated at Tue Sep 9 13:03:17 2025 by rpki-client